Need CA Signed Certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: I have CSR Request to get it signed by CA.

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Site Ground

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Looking at the minimum effort into the thread, let me do the same minimalistic effort by linking to the following two documentation pages:



Is there any certificate authority who provides the 1-yr Signed Certificate free of cost?

No, the maximum is 180 days from BuyPass. See:

Why do you need a certificate from a CSR to begin with? Your site is already secured by a Let's Encrypt certificate. And looking at the certificate history for a while now.


I need for the sub domain

I need to setup custom url for salesforce sites which need CA-Signed Certificate.

There already has been issued a certificate for that hostname about 12 days before: | 11032610154

Why not use that one? Or repeat the same process?


Don't they set it up automatically?


Is it CA Signed Certificate, if yes how i can download it?

It's signed by Let's Encrypt, which indeed is a CA. And you can download it from the site I linked, but you'd also need the private key, which, for obvious reasons, can't be downloaded from public sources.

Someone in your organisation would (or should) have access to the certificate and private key though.

A Let's Encrypt certificate is already securing, yes. Issued today to be exact. About 3 hours ago to be exactly exact.


Please check this article, how salesforce works Help And Training Community

Step 8-10 is more relevant.

The certificate which you are mentioned it's a SSL certificate issued by Let's Encrypt but i have to first create CSR and then it needs to be signed by CA.

What do you think you're getting when your CSR gets signed by Let's Encrypt, which is a CA? Right, exactly the same. :slight_smile:

Note that Let's Encrypt doesn't incorporate things like "Email Address" or "Company" from the CSR into the certificate. This is due to the fact Let's Encrypt only offers (free) DV (Domain Validated) certificates, not OV (Organisation Verified) certificates.

By the way, that guide is also flawed on some level. It says:

After you create a CA-signed certificate, it's valid for 3 years.

But it also let's you choose the CA.. What if the CA only offers 90 days (or 180 or 365 days) certificates? Are they also valid for 3 years? No, of course not.. Then why would they claim such a thing? :thinking:

Anyway, I agree with @danb35 here.. Sure, a guide tells you to do something. But are you actually required to follow the guide? What ultimate purpose does the guide have, what isn't already in effect?


Why do you think you have to do that? I know, the guide says you do--but what are you wanting to accomplish that isn't done already? You already have a cert. It's already in use by your web server. For what other purpose do you think you need a cert?


...and, in fact, no trusted CA currently offers 3-year certs. But even if one or more did, that'd still be a foolish statement for the guide to make, because it's never been the case that all CA-signed certificates are valid for 3 years.